package com.tiancheng.trade.commom.core.utils;

import com.fasterxml.jackson.core.type.TypeReference;
import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.util.Map;

/**
 * 判断oss access token是否有效
 */
public class OssAccessTokenChecker {

    /**
     * 判断token是否有效
     */
    public static boolean isValid(String appId, String accessToken) {
        return check(appId, accessToken);
    }

    /**
     * 判断token是否有效
     */
    public static boolean isValid(String accessToken) {
        return isValid(null, accessToken);
    }


    /**
     * 解密toekn
     */
    public static Map<String, Object> decrypt(String accessToken) {
        String data = new String(Base64.decodeBase64(accessToken));
        String target = java_openssl_decrypt(data, "1f370f26c516025032856d8591ade79d", "c516025032856d85");
		return JsonUtil.fromJson(target, new TypeReference<Map<String, Object>>() {
		});
    }

    /**
     * 根据toekn解密出appId
     */
    public static String decryptAppId(String accessToken) {
        Map<String, Object> json = decrypt(accessToken);
        return json.get("app_id").toString();
    }

    private static boolean check(String appId, String accessToken) {
        try {
            String data = new String(Base64.decodeBase64(accessToken));
            String target = java_openssl_decrypt(data, "1f370f26c516025032856d8591ade79d", "c516025032856d85");
            Map<String, Object> json = JsonUtil.fromJson(target, new TypeReference<Map<String, Object>>() {
            });
            if (json==null|| !json.containsKey("expires_time")) {
                return false;
            } else {
                long expireTime = Long.parseLong(json.get("expires_time").toString().concat("000"));
                if (System.currentTimeMillis() > expireTime) {
                    return false;
                } else if (!json.containsKey("app_id")) {
                    return false;
                } else {
                    if (appId == null) {
                        return true;
                    } else {
                        String tkAppId = json.get("app_id").toString();
                        return tkAppId.equals(appId);
                    }
                }
            }
        } catch (Exception var7) {
            var7.printStackTrace();
            return false;
        }
    }

    private static String java_openssl_decrypt(String base64Str, String password, String iv) {
        try {
            byte[] data = Base64.decodeBase64(base64Str);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            byte[] key = getKey(password);
            cipher.init(2, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv.getBytes()));
            return new String(cipher.doFinal(data));
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    private static byte[] getKey(String password) {
        byte[] key = new byte[16];
        for (int i = 0; i < 16; ++i) {
            if (i < password.getBytes().length) {
                key[i] = password.getBytes()[i];
            } else {
                key[i] = 0;
            }
        }
        return key;
    }
}
